Authentication
Obtaining Client Credentials
See the docs on obtaining credentials to provision required credentials. The provided client id and client secret will be used to retrieve an access token for authorizing requests to the Breezeway platform.
Generating Access and Refresh Tokens
To generate your access and refresh token, perform a POST call to the auth endpoint with your client credentials using an application/json
content type.
curl --request POST \
--url https://api.breezeway.io/public/auth/v1/ \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"client_id": "<YOUR_CLIENT_ID>",
"client_secret": "<YOUR_CLIENT_SECRET>"
}
'
The Breezeway platform will respond with an access token and refresh token.
{
"access_token": "<YOUR_JWT_ACCESS_TOKEN>",
"refresh_token": "<YOUR_JWT_REFRESH_TOKEN>"
}
The tokens return are JSON Web Tokens (JWTs). Access tokens have a 24-hour lifetime and can be used to authenticate as many requests as needed during that time.
Request Authentication
To authenticate requests to the various Breezeway platform APIs, the access token must be provided in the request header Authorization
and must include the scheme JWT
as a prefix to the access token. Note the prefix in the following example request.
curl --request GET \
--url https://api.breezeway.io/public/inventory/v1/property \
--header 'Authorization: JWT <YOUR_ACCESS_TOKEN>' \
--header 'accept: application/json'
Refreshing Access Tokens
Access tokens have a 24-hour life and must be refreshed to ensure continued authorization of requests. To refresh tokens, a POST call must be made to the refresh endpoint, using the refresh token obtained previously. As with other requests, the token must be prefixed with JWT
.
curl --request POST \
--url https://api.breezeway.io/public/auth/v1/refresh \
--header 'Authorization: JWT <YOUR_REFRESH_TOKEN>' \
--header 'accept: application/json'
The Breezeway platform will respond with new tokens.
{
"access_token": "<YOUR_NEW_ACCESS_TOKEN>",
"refresh_token": "<YOUR_NEW_REFRESH_TOKEN>"
}
Refresh tokens have a 30-day lifetime. Each call to refresh an access token provides a new refresh token. If your refresh token expires, new tokens can be generated by following the steps outlined above in Generating Access and Refresh Tokens.
Updated 16 days ago